• florge@feddit.uk
    10 months ago

    If anything is clear from the stuff coming out, it is that loads of people had potential oversight but trusted in the system not to be abused by an institution.

    • Jaccident@lemm.ee
      10 months ago

      It’s my general opinion that you’re right. Specifically I think Blair had questions and raised them with the closest Cabinet member to the issue; it was Mandelson’s responsibility to have someone look into it at length.

      Ultimately, and I believe this of all PMs, we can’t afford as a nation for them to be in the business of bug tracking. They have to have some trust that their governmental departments are on top of the tech. This goes double the further back you go, as general computer literacy drops. I can’t hold Blair, or Major, to account for not understanding the broad reach of these sorts of flaws.

      What I can’t understand is how the Post Office and Fujitsu got away without a pen test on the software; especially when their core argument was “it is impossible to remotely access”.

      • mannycalavera@feddit.ukOP
        10 months ago

        > What I can’t understand is how the Post Office and Fujitsu got away without a pen test on the software; especially when their core argument was “it is impossible to remotely access”.

        Having worked for one of these bastard consultancies (IBM) that sells crappy services to the public sector, they literally don’t care. It’s about locking you in to big multi-million-pound projects and putting bums on seats to charge the client. The government department / post office gets a warm fuzzy feeling that they’re doing great things, because why would you pay so much money for shit, and if these consultants happen to build something useful, well, that’s a bonus.

        No way, no way in hell are companies like IBM or Fujitsu in this case listening to low-level devs or testers and admitting to the client that they’ve pissed away millions of their money on something that doesn’t work. You should see how they word their contracts with government (which is also partly to blame with how badly they accept these shit terms without any oversight). They’ll be protected against all of this. It’s the public and the services they rely on that suffer. And the funny thing is it’s all our money they’re wasting.

        GDS was set up partly to break this cycle until very early on it was hobbled by big players in this area pushing back. People need to remember the state of digital services before GDS was started, it wasn’t very good.

        • kralk@lemm.ee
          10 months ago

          Currently working with IBM contractors, can confirm this. It’s not even an institutional type problem, it’s like they deliberately hire arseholes.

          Back to this article though, this project presumably was run under PRINCE2 methodology, which is very rigid. I know it makes a good headline, but a handwritten note would have literally no effect. There’s a whole change control process you need to go through. That note is just somebody covering their own arse rather than actually doing their job.